Snap for 12872597 from 56f1333908 to mainline-tzdata6-release

Change-Id: Id436fcb059b920e5431d10f3cd2952064a0e4071
2025-01-06 04:35:10 -08:00 · 2025-01-06 04:35:10 -08:00 · 4212b33b57
commit 4212b33b57
parent 6c34dea406 56f1333908
10 changed files with 46 additions and 7 deletions
--- a/gs201-sepolicy.mk
+++ b/gs201-sepolicy.mk
@ -1,5 +1,5 @@
 # sepolicy that are shared among devices using whitechapel
-BOARD_SEPOLICY_DIRS += device/google/gs201-sepolicy/whitechapel_pro
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs201-sepolicy/whitechapel_pro
 # unresolved SELinux error log with bug tracking
 BOARD_SEPOLICY_DIRS += device/google/gs201-sepolicy/tracking_denials
--- a/tracking_denials/bluetooth.te
+++ b/tracking_denials/bluetooth.te
@ -0,0 +1,2 @@
 # b/382362323
 dontaudit bluetooth default_android_service:service_manager { find };
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@ -1,25 +1,37 @@
 aconfigd apex_info_file file b/381326452
 bluetooth audio_config_prop file b/379245738
 dump_display sysfs file b/350831939
 dump_modem sscoredump_vendor_data_coredump_file dir b/361726277
 dump_modem sscoredump_vendor_data_logcat_file dir b/361726277
 dumpstate unlabeled file b/350832009
 hal_bluetooth_synabtlinux device chr_file b/386303831
 hal_camera_default aconfig_storage_metadata_file dir b/383013727
 hal_face_default traced_producer_socket sock_file b/305600808
 hal_power_default hal_power_default capability b/237492146
 hal_sensors_default property_socket sock_file b/373755350
 hal_sensors_default sysfs file b/336451433
 hal_vibrator_default default_android_service service_manager b/360057889
 incidentd debugfs_wakeup_sources file b/282626428
 incidentd incidentd anon_inode b/282626428
 init init capability b/379206608
 insmod-sh insmod-sh key b/336451874
 insmod-sh vendor_edgetpu_debugfs dir b/385858933
 kernel dm_device blk_file b/319403445
 kernel kernel capability b/336451113
 kernel tmpfs chr_file b/321731318
 pixelstats_vendor block_device dir b/369540701
 platform_app vendor_fw_file dir b/377811773
 platform_app vendor_rild_prop file b/377811773
 priv_app audio_config_prop file b/379246129
 priv_app metadata_file dir b/383438008
 ramdump ramdump capability b/369475655
 ramdump_app default_prop file b/386148928
 ramdump_app privapp_data_file lnk_file b/385858800
 rfsd vendor_cbd_prop file b/317734397
 shell sysfs_net file b/329380891
 ssr_detector_app default_prop file b/359428005
 surfaceflinger selinuxfs file b/315104594
 system_server vendor_default_prop file b/366116786
 untrusted_app audio_config_prop file b/379245515
 vendor_init debugfs_trace_marker file b/336451787
 vendor_init default_prop file b/315104479
 vendor_init default_prop file b/315104803
@ -30,3 +42,5 @@ vendor_init default_prop file b/329381126
 vendor_init default_prop property_service b/315104803
 vendor_init default_prop property_service b/359427666
 vendor_init default_prop property_service b/359428317
 zygote aconfig_storage_metadata_file dir b/383949172
 zygote zygote capability b/379206941
--- a/tracking_denials/hal_vibrator_default.te
+++ b/tracking_denials/hal_vibrator_default.te
@ -0,0 +1,2 @@
 # b/360057889
 dontaudit hal_vibrator_default default_android_service:service_manager { find };
--- a/whitechapel_pro/debug_camera_app.te
+++ b/whitechapel_pro/debug_camera_app.te
@ -1,3 +1,4 @@
 # File containing sepolicies for GCA-Eng & GCA-Next.
 userdebug_or_eng(`
 	# Allows camera app to access the GXP device and properties.
 	allow debug_camera_app gxp_device:chr_file rw_file_perms;
@ -9,4 +10,7 @@ userdebug_or_eng(`
 	# Allows GCA-Eng to find and access the EdgeTPU.
 	allow debug_camera_app edgetpu_app_service:service_manager find;
 	allow debug_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
 	# Allows tachyon_service to communicate with GCA-Eng via binder.
 	binder_call(edgetpu_tachyon_server, debug_camera_app);
 ')
--- a/whitechapel_pro/dump_power.te
+++ b/whitechapel_pro/dump_power.te
@ -13,3 +13,13 @@ allow dump_power mitigation_vendor_data_file:dir r_dir_perms;
 allow dump_power mitigation_vendor_data_file:file r_file_perms;
 allow dump_power sysfs_bcl:dir r_dir_perms;
 allow dump_power sysfs_bcl:file r_file_perms;
 allow dump_power battery_history_device:chr_file r_file_perms;
 userdebug_or_eng(`
  r_dir_file(dump_power, vendor_battery_debugfs)
  r_dir_file(dump_power, vendor_maxfg_debugfs)
  r_dir_file(dump_power, vendor_charger_debugfs)
  r_dir_file(dump_power, vendor_votable_debugfs)
  allow dump_power debugfs:dir r_dir_perms;
  allow dump_power vendor_usb_debugfs:dir { search };
 ')
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@ -5,7 +5,6 @@
 /vendor/bin/vcd                                                             u:object_r:vcd_exec:s0
 /vendor/bin/chre                                                            u:object_r:chre_exec:s0
 /vendor/bin/cbd                                                             u:object_r:cbd_exec:s0
 /vendor/bin/shared_modem_platform                                           u:object_r:modem_svc_sit_exec:s0
 /vendor/bin/rfsd                                                            u:object_r:rfsd_exec:s0
 /vendor/bin/bipchmgr                                                        u:object_r:bipchmgr_exec:s0
 /vendor/bin/storageproxyd                                                   u:object_r:tee_exec:s0
@ -82,7 +81,8 @@
 /dev/janeiro                                                                u:object_r:edgetpu_device:s0
 /dev/bigocean                                                               u:object_r:video_device:s0
 /dev/goodix_fp                                                              u:object_r:fingerprint_device:s0
-/dev/stmvl53l1_ranging                                                      u:object_r:rls_device:s0
+/dev/fth_fd                                                                 u:object_r:fingerprint_device:s0
 /dev/ispolin_ranging                                                        u:object_r:rls_device:s0
 /dev/watchdog0                                                              u:object_r:watchdog_device:s0
 /dev/mali0                                                                  u:object_r:gpu_device:s0
 /dev/logbuffer_usbpd                                                        u:object_r:logbuffer_device:s0
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@ -212,6 +212,10 @@ genfscon sysfs /devices/platform/google,battery/power_supply/battery
 genfscon sysfs /devices/platform/google,cpm                                     u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/google,charger                                 u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10d60000.hsi2c                                 u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /class/power_supply/wireless/device/version                      u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /class/power_supply/wireless/device/status                       u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /class/power_supply/wireless/device/fw_rev                       u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/pseudo_0/adapter0/host1/target1:0:0/1:0:0:0/block/sde   u:object_r:sysfs_devices_block:s0
 # P22 battery
@ -275,6 +279,9 @@ genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup
 genfscon sysfs /devices/platform/sound-aoc/wakeup                                                                           u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup                                                 u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/wakeup                                                 u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/power/wakeup                                                     u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/wakeup                                                           u:object_r:sysfs_wakeup:s0
 #SecureElement
 genfscon sysfs /devices/platform/181c0000.spi/spi_master/spi17/spi17.0/st33spi u:object_r:sysfs_st33spi:s0
--- a/whitechapel_pro/google_camera_app.te
+++ b/whitechapel_pro/google_camera_app.te
@ -8,3 +8,6 @@ allow google_camera_app vendor_fw_file:dir search;
 # Allows GCA to find and access the EdgeTPU.
 allow google_camera_app edgetpu_app_service:service_manager find;
 allow google_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
 # Allows tachyon service to communicate with google_camera_app via binder.
 binder_call(edgetpu_tachyon_server, google_camera_app);
--- a/whitechapel_pro/modem_svc_sit.te
+++ b/whitechapel_pro/modem_svc_sit.te
@ -38,9 +38,6 @@ get_prop(modem_svc_sit, hwservicemanager_prop)
 # logging property
 get_prop(modem_svc_sit, vendor_logger_prop)
 # Modem SVC will register the default instance of the AIDL ISharedModemPlatform hal.
 hal_server_domain(modem_svc_sit, hal_shared_modem_platform)
 userdebug_or_eng(`
  allow modem_svc_sit radio_test_device:chr_file rw_file_perms;
 ')
		`@ -0,0 +1,2 @@`
							`# b/382362323`
							`dontaudit bluetooth default_android_service:service_manager { find };`
		`@ -0,0 +1,2 @@`
							`# b/360057889`
							`dontaudit hal_vibrator_default default_android_service:service_manager { find };`